After the legislature abolished the old regulation on processing publicly accessible personal data in the GDPR, it is unclear (not just in the GDPR, but also) in German law to what extent they may still make use of the possibilities of social media monitoring. The question arises whether public bodies may monitor social networks in order to engage in evidence-based policy. This also applies to the question whether the Federal Statistical Office, for example, may make use of generally accessible sources as the foundation for their observation and analysis (in this regard, recital 162 and Art. 89 GDPR must be taken into account). This question also raises additional delimitation problems between the E-Privacy Regulation and GDPR, since in this respect it appears unclear whether data collection in Web 2.0 is still actually subject to the GDPR.
The second pillar of the research project is the question to what extent private bodies – such as banks or insurance companies – may access the data trove of Web 2.0 in order to optimise their services and create personalised offers for their (potential) customers. Both contractual relationships between the providers of social networks with their users and advertising customers must be examined. Furthermore questions which are of a pure data protection law nature are to be answered as well. The range of the special regulations for direct advertising (Art. 21   GDPR) also plays a role in the answer. The project will specify the general legal conditions.
Prof. Dr. Mario Martini